Validate licenses included in artifacts #558
Conversation
| @@ -538,6 +538,10 @@ func (s Spec) Validate() error { | |||
| } | |||
| } | |||
|
|
|||
| if s.Artifacts.Licenses == nil { | |||
There was a problem hiding this comment.
i think we want to check if source includes LICENSE or LICENSE.md
There was a problem hiding this comment.
From what I gathered on build-defs, I don't see where a license is included explicitly. Do you mean searching through the aforementioned source to verify the path is correct?
There was a problem hiding this comment.
I don't think we can really do this validation here.
At best we can provide a warning message back to clients, but we can't do that from here.
There was a problem hiding this comment.
What's prohibiting us from doing that validation? Is it that we don't have visibility to the file system at this point?
There was a problem hiding this comment.
I guess in the same vein, what exactly constitutes a license and do we require it for every spec/does it exist for every project
There was a problem hiding this comment.
I think dalec itself is just not the right place to error out on a missing license file.
There was a problem hiding this comment.
Sounds like we should add this check to build-defs then?
What this PR does / why we need it:
Which issue(s) this PR fixes (optional, using
fixes #<issue number>(, fixes #<issue_number>, ...)format, will close the issue(s) when the PR gets merged):Fixes #547
Special notes for your reviewer: